Fix Bugzilla Bug #223313 - should do random generated IV param for symmetric keys

git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@1354 c9f7a03b-bd48-0410-a16d-cbbf54688b0b

1 files changed, 6 insertions, 6 deletions

diff --git a/pki/base/kra/src/com/netscape/kra/NetkeyKeygenService.java b/pki/base/kra/src/com/netscape/kra/NetkeyKeygenService.java
index 6f12a6714..00f219388 100644
--- a/pki/base/kra/src/com/netscape/kra/NetkeyKeygenService.java
+++ b/pki/base/kra/src/com/netscape/kra/NetkeyKeygenService.java
@@ -325,11 +325,12 @@ public class NetkeyKeygenService implements IService {
 
         byte iv[] = {0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1};
 	String iv_s ="";
-/*
-        org.mozilla.jss.pkcs11.PK11SecureRandom random =
-          new org.mozilla.jss.pkcs11.PK11SecureRandom();
-        random.nextBytes(iv);
-*/
+        try {
+            SecureRandom random = SecureRandom.getInstance("SHA1PRNG");
+            random.nextBytes(iv);
+        } catch (Exception e) {
+            CMS.debug("NetkeyKeygenService.serviceRequest:  "+ e.toString());
+        }
 
 	IVParameterSpec algParam = new IVParameterSpec(iv);
 
@@ -515,7 +516,6 @@ public class NetkeyKeygenService implements IService {
 		iv_s = /*base64Encode(iv);*/com.netscape.cmsutil.util.Utils.SpecialEncode(iv);
 		request.setExtData("iv_s", iv_s);
 
-
 		/*
 		 * archival - option flag "archive" controllable by the caller - TPS
 		 */